PXE with Firewall

[man.postman]

I have a weird configuration. I have my client in a subnet along with a
DHCP server (Windows) and my image is behind a firewall. I want that
once the machines, gets the IP it should be able to TFTP to the TFTP
server behind the firewall. My question is

Can I configure the Windows DHCP to tell the client

1. The IP of the TFTP server
2. The FILENAME it should retrieve

If yes, how?

thanks to everybody who replies

 

[Raymond Cruz]

Your question has nothing to do with XPe -- you are really asking whether
you can hack PXE. Keep in mind that the DHCP server and boot server operate
independently so in the PXE context it doesn't make sense for the DHCP
server to identify the boot server to the client. The boot server
identifies itself through its proxy DHCP. I think your best strategy would
be to figure out whether you can open ports in your firewall so that your
boot server is not isolated from the DHCP server and client.

RC

 

[man.postman]

Raymond

Thank you for replying.

Is it possible, that I put my DHCP and PXE boot servers, outside the
firewall but put my image server (TFTP) inside the firewall? The PXE
boot server can then direct my clients to the Image server (TFTP) .
The clients can connect to the image server through a hole in the
firewall only for TFTP?

Thanks

 

[Henry Markov]

Maybe you know something that I don't but AFAIK the TFTP server and PXE server
are the same machine so I don't know how it can be both inside and outside of
the firewall.

HM

 

[KM]

Henry,

You can make both servers (DHCP/Proxy DHCP and Boot Serrver [TFTP]) running on separate machines.
It'd be just a matter of getting the Boot Server list in DHCPOFFER message.

Even DHCP and Proxy DHCP may reside on different machines (sometimes, if not often, it is even better).

Look at the specification: http://www.pix.net/software/pxeboot/archive/pxespec.pdf
Btw, all the ports are mentioned there.